CVE-2025-10465
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server.
This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the relevant vulnerabilities. Users of the Sensaway application are advised to contact the manufacturer and review updated products developed with newer technology.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Birtech Information Technologies Industry and Trade Ltd. Co. | Sensaway | 0 <= 09022026 | affected |
Weaknesses
- CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.usom.gov.tr/bildirim/tr-26-0022
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0022
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.